Hi all,
I've been looking through the archives trying to figure out how I can
accomplish what I need with "AuthType Basic" on a web site running
Apache 2.0.52, which I realize is not the newest. The basic limit is
that I've got a Google Mini which needs to search and index some
secured content. It's a dumb box which doesn't understand any
authentication beyond "AuthType Basic" or NTLM. NTLM won't work for
what I need unfortunately.
I've got an htdocs directory which I want to do the following:
- restrict *all* access to only valid-users
- allow in the google mini IP to access *all* files.
- allow anyone access to http://site/ to access the default
login.html file to see the various public welcome stuff.
- allow anyone access to index.html, login.html, error.html
files.
I've been looking at the following helpful message thread from the
archive:
http://httpd.markmail.org/message/wk6fhij4saejpsqf?q=AuthType+Basic+allow+login+page&page=3
But I'm obviously missing something since I can't make it work
properly.
What I've got is the following:
<VirtualHost x.y.z.#>
DocumentRoot /path/to/site/htdocs
ServerName secure
LogLevel warn
ErrorLog logs/secure-error_log
CustomLog logs/secure-access_log combined
ErrorDocument 401 "/error.html"
ScriptAlias /cgi-bin/ "/path/to/site/cgi-bin/"
ServerAlias secure.taec.com secure.taec.toshiba.com
<Directory "/path/to/site/htdocs/">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
</Directory>
</VirtualHost>
And in the .htaccess file (I know, I should put this into the master
config, but this is just my testing) I have:
AuthMySQLHost localhost
AuthMySQLUser admin
AuthMySQLPassword password
AuthMySQLDB usertable
AuthMySQLUserTable users
AuthMySQLNameField username
AuthMySQLPasswordField password
AuthMySQLEnable on
AuthName "Access Test Site"
AuthType Basic
require valid-user
AuthMySQLGroupTable users
AuthMySQLGroupField status
require group CURRENT
DirectoryIndex login.html index.html index.php index.htm
Allow From "googlebox.taec.com"
Satisfy Any
<Files "*">
require valid-user
require group CURRENT
</Files>
<FilesMatch "(login|register|forgotpass|error).html">
Allow from All
Satisfy Any
</FilesMatch>
I've also turned up the LogLevel to 'info' to try and see what's going
on here, but it's not doing what I expect. I guess I'll goto the
'debug' level to see what's up.
Anyway, when I first connect to my site using http://site/ I get
prompted for a password. If I hit 'cancel' I get my login.html screen
properly. I *really* want to have the login screen showup without
prompting at all. What should I tweak?
I've got the multiple "Satisfy Any" lines in the .htaccess file
because I'm tearing my hear out trying to figure out the precedence
settings and having a tough time.
Any help or pointers appreciated.
Thanks,
John
John Stoffel - Senior Staff Systems Administrator - System LSI Group
Toshiba America Electronic Components, Inc. - http://www.toshiba.com/taec
john.stoffel@xxxxxxxxxxxxxxxx - 508-486-1087
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|